< link rel="DCTERMS.isreplacedby" href="http://www.manifestcontent.net/" /> Manifest Content .comment-link {margin-left:.6em;}
manifest
Side of M@


PC


M@'s Links of Interest
  • Fark
  • Universe Today
  • NRO
  • The Onion
  • Warring Factions
  • Opinion Duel
  • Deviant Art
  • Communists4Kerry
  • Hitchens Web
  • Cagle's Cartoons
  • Word Detective
  • Victor Davis Hanson
  • RatherBiased
  • RatherGate


  • Other Things M@ Likes

    Image Hosted by ImageShack.us
    Image Hosted by ImageShack.us


    M@'s Blogs of Note
  • The God of Typing
  • Michelle Malkin
  • Junkyard Blog
  • Instapundit
  • Punditchick
  • Evan Coyne Maloney
  • Protein Wisdom


  • M@ has a Blogroll



    Archives
    July 2004 August 2004 September 2004 October 2004 November 2004 December 2005



    "The slovenliness of our language makes it easier for us to have foolish thoughts" ~ George Orwell





    "An effective way to deal with predators is to taste terrible." ~ Unknown

    Listed on BlogShares




    Saturday, October 30, 2004

    Gmail vulnerable to hackers?


    The register has a story about Gmail from Google and a new vulnerability found which makes it easy to break in and read someone's mail:


    Gmail accounts 'wide open to exploit' - report
    By John Leyden
    Published Friday 29th October 2004 16:50 GMT

    Google's high profile webmail service, Gmail, is vulnerable to a security exploit that might allow hackers full access to a user's email account simply by knowing the user name, according to reports.

    The security flaw allows full access to users' accounts, with no need of a password, Israeli news site Nana says . Using a hex-encoded XSS link, the victim's cookie file can be stolen by a hacker, who can later use it to identify himself to Gmail as the original owner of an email account, regardless of whether or not the password is subsequently changed. Following up a tip from an Israeli hacker, journos from the site confirmed the attack and verified the exploit with local security firm Aladdin Knowledge Systems.

    It's unclear whether the hole has been maliciously exploited. Google has been notified of the issue and is reportedly working on a fix. No-one from the company was available to update The Register on the issue at time of going to press. ®


    I trust Google to get this fixed quickly, but the faster the word gets out on this the better, most likely. I don't use Gmail, but somehow I don't think that makes my e-mail any safer from a hacker who knows what the hell a hex-encoded XSS link is. It does make me a little less likely to try out Google's new hard drive search capability...


    posted by M@ at 8:41 AM   0 comments links to this post

    0 Comments:

    Post a Comment

    Links to this post:

    Create a Link

    << Home



    button

    The Other Side

    Blogger Philosophy 101
    oldpeople
    Why do you have to be a nonconformist like everybody else?
    ~James Thurber

    Art & Literature Links
  • Bookslut
  • Digital Journalist
  • Artloggia
  • Getty Images
  • Musarium
  • Exquisite Corpse
  • Powell's Independent Bookstore
  • I, Orhan Veli
  • Wielding the Red Pen
  • Artcyclopedia
  • Luciferous Logolepsy
  • Wired for Books

  • Stolen Blogroll

    Escape Hatches
    Blogs For Bush



    orhan

    For Free:

    We are living for free;
    The air is for free,
    The clouds are for free.
    Hills and dales are for free;
    Rain and mud are for free;
    The outside of cars,
    The entrance to movie houses,
    The store windows are for free;
    It is not the same as bread and cheese,
    But salt water is for free;
    Freedom will cost you your life,
    But slavery is for free;
    We are living for free,
    For free.

    ~Orhan Veli~

    powered by coffee, cigarettes & this guy, who works for peanuts.

    Powered by Blogger